Added DOMPurify sanitization to Page.jsx with allowed tags/attributes and Added null safety check for SVG rendering in SplashViz.jsx

Author: rahul-kr-rai

src/components/Page/Page.jsx

@@ -99,7 +99,49 @@ export default function Page(props) {
     contentRender = (
       <div
         dangerouslySetInnerHTML={{
-          __html: DOMPurify.sanitize(content),
+          __html: DOMPurify.sanitize(content, {
+            ALLOWED_TAGS: [
+              "h1",
+              "h2",
+              "h3",
+              "h4",
+              "h5",
+              "h6",
+              "p",
+              "a",
+              "em",
+              "strong",
+              "b",
+              "i",
+              "code",
+              "pre",
+              "div",
+              "span",
+              "ul",
+              "ol",
+              "li",
+              "table",
+              "thead",
+              "tbody",
+              "tr",
+              "td",
+              "th",
+              "blockquote",
+              "hr",
+              "br",
+              "img",
+              "button",
+            ],
+            ALLOWED_ATTR: [
+              "href",
+              "title",
+              "src",
+              "alt",
+              "class",
+              "id",
+              "data-clipboard-text",
+            ],
+          }),
         }}
       />
     );

src/components/SplashViz/SplashViz.jsx

@@ -26,7 +26,7 @@ export default class SplashViz extends Component {
         </h1>
         <div
           className="splash-viz__modules"
-          dangerouslySetInnerHTML={{ __html: HomeSVG.body }}
+          dangerouslySetInnerHTML={{ __html: HomeSVG?.body || "" }}
         ></div>
         <Cube
           className="splash-viz__cube"